Sage employee arrested at Heathrow airport for 'insider threat' data breach

Police in the City of London have arrested an employee of UK technology firm Sage in connection with an ongoing investigation into a recent data breach believed to have impacted between 200 and 300 of its customers.

The arrest of the 32-year-old woman, who remains unnamed at the time of writing, comes only days after the finance and accounting software firm admitted it had suffered "unauthorised access" on its computer systems that left data at risk.

The suspect was apprehended at Heathrow Airport on suspicion of conspiracy to defraud, police confirmed to the BBC, adding the arrest was a result of its data breach probe. The woman has since been released on bail.

Sage, a software company based in Newcastle, previously said it had informed all businesses that were impacted by the breach – which reportedly took place after the employee used an internal login credential to access a large amount of customer data without permission.

At the time of the incident, Sage, which provides accounting and payroll services in 23 countries globally, did not specify what data was accessed. However, one person close to the situation, who spoke anonymously, told the Financial Times the employees' details were used to access to data on "between 200 and 300 companies."

"We continue to work closely with the authorities to investigate the situation," the firm said in an updated statement on its UK website. It added: "Our customers are always our first priority so we continue to communicate directly with those who may be affected and give guidance on measures they can take to protect their security."

Following the breach, shares in Sage fell as much as 4%, however they have since re-balanced.

Commenting on the incident, Johnathan Sander, vice president of product strategy at Lieberman Software, said: "The breach is a reminder that despite all the headlines about bad guys trying to break in there is an ever-present danger from within, too.

"Often firms spend tons of money protecting against outsiders getting in, but fall into the 'we trust our people' tap when it comes to insider threat. The trouble with trusting staff is that they're likely worthy of that trust until the moment they become disgruntled – and there's no way to see that moment happen."